[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] Kristian is alvie :-)
From: |
Daniel Kahn Gillmor |
Subject: |
Re: [Sks-devel] Kristian is alvie :-) |
Date: |
Fri, 18 Mar 2011 15:22:37 -0400 |
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.15) Gecko/20110309 Icedove/3.1.9 |
On 03/18/2011 02:38 PM, Jonathan Wiltshire wrote:
> On Fri, Mar 18, 2011 at 01:45:52PM -0400, Daniel Kahn Gillmor wrote:
>> Kristian, i would happily offer zimmermann.mayfirst.org as a redundant
>> authoritative DNS server -- we'd just need to coordinate how the pool
>> gets published.
>
> I suggest DNS slaves would be the simplest way to achieve this. I'm happy
> to offer a London slave. If the master server sends notifies and the slaves
> do a XFER, pool updates can be run with almost no delay for clients.
the DNS slave setup would suffer from a different (and slightly
less-bad, though more difficult to notice when it happens) SPOF, though,
in the form of a primary that fails to run updates on the secondaries.
It seems more failsafe to me If all the nameservers are publishing their
independent view of the keyserver network, but i agree it might be more
expedient to set up XFER, at least initially.
--dkg
signature.asc
Description: OpenPGP digital signature